Cron – Yum-cron fails to send email to root

centos7cronemailpostfix

I am trying to investigate an issue on one of our CentOS 7 servers, for which yum-cron fails to send an email to root with the result of the operations performed.

It always give this error:

Failed to send an email to localhost: [Errno 111] Connection refused

However, we have other servers with the same configuration, and this is the only one showing such issue.

Here is the yum-cron.conf content:

[commands]
#  What kind of update to use:
# default                            = yum upgrade
# security                           = yum --security upgrade
# security-severity:Critical         = yum --sec-severity=Critical upgrade
# minimal                            = yum --bugfix update-minimal
# minimal-security                   = yum --security update-minimal
# minimal-security-severity:Critical =  --sec-severity=Critical update-minimal
update_cmd = default

# Whether a message should be emitted when updates are available,
# were downloaded, or applied.
update_messages = yes

# Whether updates should be downloaded when they are available.
download_updates = yes

# Whether updates should be applied when they are available.  Note
# that download_updates must also be yes for the update to be applied.
apply_updates = yes

# Maximum amout of time to randomly sleep, in minutes.  The program
# will sleep for a random amount of time between 0 and random_sleep
# minutes before running.  This is useful for e.g. staggering the
# times that multiple systems will access update servers.  If
# random_sleep is 0 or negative, the program will run immediately.
# 6*60 = 360
random_sleep = 360


[emitters]
# Name to use for this system in messages that are emitted.  If
# system_name is None, the hostname will be used.
system_name = None

# How to send messages.  Valid options are stdio and email.  If
# emit_via includes stdio, messages will be sent to stdout; this is useful
# to have cron send the messages.  If emit_via includes email, this
# program will send email itself according to the configured options.
# If emit_via is None or left blank, no messages will be sent.
emit_via = email

# The width, in characters, that messages that are emitted should be
# formatted to.
output_width = 80


[email]
# The address to send email messages from.
email_from = root

# List of addresses to send messages to.
email_to = root

# Name of the host to connect to to send email messages.
email_host = localhost


[groups]
# NOTE: This only works when group_command != objects, which is now the default
# List of groups to update
group_list = None

# The types of group packages to install
group_package_types = mandatory, default

[base]
# This section overrides yum.conf

# Use this to filter Yum core messages
# -4: critical
# -3: critical+errors
# -2: critical+errors+warnings (default)
debuglevel = -2

# skip_broken = True
mdpolicy = group:main

# Uncomment to auto-import new gpg keys (dangerous)
# assumeyes = True

I double checked and it is identical to the config file on the other servers.

Also, all servers have postfix installed as mail server, which uses sendgrid as smtp relay.

Lastly, on all servers, sending emails to root manually through the mail command works without any error.

What should I check to make the cron send emails to root correctly?

EDIT:

After some testing, I noticed that on the server with the issue, there is nothing listening on TCP port 25:

[root@srv1 ~]# ss -tnlp | grep :25
[root@srv1 ~]#

while on the other server I get:

[root@srv2 ~]# ss -tnlp | grep :25
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=768,fd=13))
[root@srv2 ~]#

where the process with PID 768 is /usr/libexec/postfix/master -w.

I then checked which processes where active for the postfix service, and on the first server I get:

[root@srv1 ~]# service postfix status
Redirecting to /bin/systemctl status  postfix.service
● postfix.service - Postfix Mail Transport Agent
   Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2017-01-10 09:18:55 CET; 5min ago
  Process: 17409 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS)
  Process: 17431 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
  Process: 17428 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
  Process: 17421 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
 Main PID: 17503 (master)
   CGroup: /system.slice/postfix.service
           ├─17503 /usr/libexec/postfix/master -w
           ├─17504 pickup -l -t unix -u
           └─17505 qmgr -l -t unix -u

while on the second one the output is:

[root@srv2 ~]# service postfix status
Redirecting to /bin/systemctl status  postfix.service
● postfix.service - Postfix Mail Transport Agent
   Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-12-28 16:34:19 CET; 1 weeks 5 days ago
 Main PID: 768 (master)
   CGroup: /system.slice/postfix.service
           ├─ 768 /usr/libexec/postfix/master -w
           ├─ 770 qmgr -l -t unix -u
           ├─8185 pickup -l -t unix -u
           └─9148 tlsmgr -l -t unix -u

So it would seem that on the first server tlsmgr is not started at all, however I cannot find any error in the logs.

Best Answer

In the end I found out that it was not an issue with yum-cron but rather with the configuration of postfix itself.

In fact, on the first server, the master.cf file was like:

# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
#smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
submission inet n       -       n       -       -       smtpd
[...]

while on the second server it was:

# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
#submission inet n       -       n       -       -       smtpd
[...]

and by setting the first file as the second, that is, uncommenting the first smtp line and removing the submission line, I got it working as expected.

Related Topic